Nmap Development mailing list archives

Re: Trying out nmap 5 with snow leopard - public release

From: David Fifield <david () bamsoftware com>
Date: Wed, 9 Sep 2009 22:34:20 -0600

On Mon, Aug 31, 2009 at 01:54:43AM -0400, Darius S Garsys wrote:

Long and short. Running nmap as a regular user seems to work: Forex,  
ping scans of network as a whole and nmap scan of my old g5:

Aziz:~ dariusgarsys$ nmap -sP 10.123.11.1/24

Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:49 EDT
Host 10.123.11.1 is up (0.012s latency).
Host 10.123.11.5 is up (0.018s latency).
Host 10.123.11.20 is up (0.046s latency).
Host 10.123.11.22 is up (0.00048s latency).
Host 10.123.11.102 is up (0.0023s latency).
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.79 seconds

Aziz:~ dariusgarsys$ nmap 10.123.11.102

Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:48 EDT
Interesting ports on 10.123.11.102:
Not shown: 991 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
88/tcp    open  kerberos-sec
548/tcp   open  afp
625/tcp   open  apple-xsrvr-admin
631/tcp   open  ipp
3689/tcp  open  rendezvous
5432/tcp  open  postgresql
5900/tcp  open  vnc
49156/tcp open  unknown

But the second I try to run a root-level scan (say a syn scan..)

Aziz:~ dariusgarsys$ sudo nmap 10.123.11.102

Starting Nmap 5.00 ( http://nmap.org ) at 2009-08-31 01:50 EDT
Warning: Unable to open interface vmnet8 -- skipping it.
Warning: Unable to open interface vmnet1 -- skipping it.
Note: Host seems down. If it is really up, but blocking our ping probes, 
try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 0.32 seconds


It appears that whatever target you are scanning sends its ARP replies
to the broadcast address, which behavior has been observed in Solaris 10
and Windows 7.

http://seclists.org/nmap-dev/2009/q3/0281.html

Nmap has a fix for this, but it was made after the 5.00 release. Sorry
it took me so long to figure out; it ws the obvious thing but for some
reason I thought this change was in 5.00.

On a Mac with the developer tools installed it's easy to install the
latest Nmap from Subversion.

http://nmap.org/book/install.html#inst-svn
http://nmap.org/book/inst-source.html

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Trying out nmap 5 with snow leopard - public release Darius S Garsys (Aug 30)
- Re: Trying out nmap 5 with snow leopard - public release David Fifield (Aug 31)
- Re: Trying out nmap 5 with snow leopard - public release David Fifield (Sep 09)